This documentation does not apply to the most recent version of Splunk® Enterprise Security.
For documentation on the most recent version, go to the latest release.
Release Notes
This topic contains information on new features, updates, and known issues released with the Splunk App for Enterprise Security.
What's New
- Risk Analysis: A new framework for tracking and assessing risk, including new dashboards for analysis and auditing of risk scoring.
- Incident review dashboard: The dashboard has an updated UI to improve the notable event workflow.
- Guided Correlation search: A wizard that provides guidance for building data model-based correlation searches.
- Unified Search Manager: A single management page for checking the status of, and editing, key search types used in the Enterprise Security app.
- Threat list auditing: A new dashboard to track threat list updates and status.
- Threat list weighing: A scoring system for prioritizing the threat lists based upon their source and value to the organization. The score can be integrated into the Risk Analysis framework.
Add-ons
- Updated add-ons have their own documentation. See the Supported Add-ons manual.
- The Splunk Common Information Model app has been updated. The latest version is shipped with Enterprise Security. It is also available for direct download here.
- The TA-mcafee is no longer included with the Splunk App for Enterprise Security. It has been replaced with the Splunk Add-on for McAfee. The latest version of the Splunk Add-on for McAfee is shipped with Enterprise Security. It is also available for direct download here. See the Splunk Add-on for McAfee documentation.
- The Splunk Add-on for Unix and Linux was updated. The latest version is shipped with Enterprise Security. It is also available for direct download here.
- The Splunk Add-on for Microsoft Windows was updated. The latest version is shipped with Enterprise Security. It is also available for direct download here.
Last modified on 25 July, 2014
This documentation applies to the following versions of Splunk® Enterprise Security: 3.1.1